Hi Team,
We have provided access to all the Users in our environment via SAML authentication (Using Microsoft Azure) in Splunk. So for one of the user who is having user level access for particular index wants to use REST API . i.e. The user has created alerts in Splunk for their requirement and every weekend they have a scheduled maintenance so he wants to disable and re-enable the alert via POSTMAN script without logging into Splunk Console but it is not working it seems.
So how can we achieve this and moreover our Splunk is hosted in Cloud and managed by Splunk Support. So can anyone kindly help on the query.
Hi All,
Can anyone help on my requirement.